checking ISAKMPD and dependency of remote hosts on ISAKMPD

Jacob Yocom-Piatt dick at uchicago.edu
Mon May 8 14:08:36 CEST 2006

Previous message: checking ISAKMPD and dependency of remote hosts on ISAKMPD
Next message: checking ISAKMPD and dependency of remote hosts on ISAKMPD
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

i'm trying to get nagios to run a check on the isakmpd (UDP port 500) service on
gateway machines for 2 private subnets connected by a VPN. additionally, i would
like to include the isakmpd service as a dependency for the hosts that are
checked behind the remote gateway, i.e. if the VPN isn't up nagios can't reach
my remote hosts. it is likely noteworthy that the host running nagios is the
local firewall/gateway.

to check UDP port 500, i've tried to list a service with "check_command
check_udp!500". i cannot get this to work on the local or remote gateway. nagios
issues the status information "No data was received from host!". when i issue a
"nmap -P0 -sU -p 500 <either gateway>" from another local machine i get

PORT    STATE         SERVICE
500/udp open|filtered isakmp

Nmap finished: 1 IP address (1 host up) scanned in 2.044 seconds

the "filtered" part is likely because the PF rules on the gateways are set to
only allow the other gateway to connect on UDP port 500. do i need to change my
PF rules? perhaps there is another way of checking this service of which i am
unaware.

also, in the event that the isakmpd service stops, the remote machines without
public IPs will go critical. what is the best way to make these remote hosts
depend on the status of the isakmpd service?

just point me in the right direction and i'll do the rest. no excessive
cluesticking required.

cheers,
jake


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: checking ISAKMPD and dependency of remote hosts on ISAKMPD
Next message: checking ISAKMPD and dependency of remote hosts on ISAKMPD
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list